Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: ZTKuzr1EuPS/3H/WwygWPBd4I9yRjjNLp78+53o0tfI=
Subject key identifier: 7F:52:06:7B:74:94:56:6D:84:BB:54:5B:53:7E:15:86:BE:5A:A5:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02C91D49205563F88F79CC605E2424CBB8231F94
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Fri 21 Mar 2025 15:01:38 +0000
ROA not before: Fri 21 Mar 2025 15:01:38 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c9:1d:49:20:55:63:f8:8f:79:cc:60:5e:24:24:cb:b8:23:1f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:01:38 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fd:79:58:bd:94:3b:81:35:49:60:43:33:8e:
2e:0f:e9:1c:5c:98:2a:d6:3f:c5:15:c0:cb:e6:91:
98:c8:df:c6:cd:a6:34:8e:86:29:2e:83:7c:5a:45:
4b:49:48:6e:f7:c2:01:8e:b2:82:95:d6:43:8c:12:
28:1b:f8:99:47:73:1b:f8:52:48:16:e1:00:40:da:
ae:4c:f2:6a:df:73:a4:ea:21:5e:4d:84:f2:93:33:
65:7d:29:df:20:34:09:3d:3b:be:4e:62:94:71:0d:
dd:11:e8:cc:0e:4e:0c:65:e1:37:39:ca:c9:53:d4:
56:ba:22:ca:7f:95:5a:5b:8b:88:27:bf:88:e1:42:
64:db:20:f7:37:2f:a8:18:ff:81:7f:1e:93:9c:4d:
0e:fb:b9:b1:23:eb:50:79:95:97:a3:93:6c:46:9a:
21:08:d6:20:f2:7c:13:c3:18:77:fa:47:48:67:fe:
32:2d:6b:9b:3c:0e:86:2d:bf:90:f3:28:4d:cd:a6:
ab:a4:42:00:c1:65:4f:fb:52:40:be:1e:e8:50:00:
a7:43:62:0b:76:a8:f8:26:ef:46:23:79:6d:26:cd:
79:eb:fa:14:fb:48:34:b8:18:03:ab:7d:8b:24:7a:
bd:55:94:93:90:13:80:1b:29:17:98:be:e9:c0:65:
dc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:52:06:7B:74:94:56:6D:84:BB:54:5B:53:7E:15:86:BE:5A:A5:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
37:4a:90:b1:b7:db:f7:cf:9d:27:26:4c:61:47:99:88:f7:9b:
cb:cc:eb:5e:88:2a:04:79:24:d7:2c:27:82:51:32:04:23:a0:
2d:8e:34:c2:25:b2:8d:85:89:23:16:c2:3a:ac:2d:f1:46:8d:
19:6f:e6:dd:3f:84:bb:3c:cf:4b:bb:fd:fe:73:0b:12:ef:7a:
b2:f1:6d:dc:51:f7:29:f3:75:c0:27:16:59:e1:03:9d:16:84:
7a:f2:0c:ab:84:85:8d:62:7b:05:34:9e:b3:ee:13:c1:d4:76:
63:e8:e6:6e:20:45:2d:b4:b6:82:cb:fe:14:3f:f6:b8:ad:ef:
0c:f8:68:09:58:8a:7a:c3:8e:d5:e5:ef:14:99:51:74:c6:19:
86:eb:94:13:06:81:c9:8f:f9:3f:e8:1b:cf:5b:50:43:59:e7:
f8:50:2b:cf:4f:8f:06:a3:ea:41:5e:49:d4:2c:cc:90:d8:0d:
b1:af:bd:b2:a0:23:68:c7:38:2d:ff:6b:1c:75:29:8c:89:1b:
23:b0:e4:e5:f4:01:2d:57:83:2d:0c:9c:0c:eb:fe:8a:b2:b9:
10:6b:9d:08:76:fa:9b:06:f2:94:85:59:ae:3f:b7:b7:87:6e:
c0:4a:83:a7:c9:7f:f9:f6:1e:cc:14:95:18:8e:53:0c:fb:63:
c5:78:50:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAskdSSBVY/iPecxgXiQky7gjH5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAxMzhaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNjIwODk3ZTVmMGExMDA2ZGZiMzE4MjYwYTJiNzRiZDJhYTI3YWM0YmM0
MmEwNDRiZjA5NjA1ZTFiYWM2NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf9eVi9lDuBNUlgQzOOLg/pHFyYKtY/xRXAy+aRmMjfxs2mNI6GKS6DfFpF
S0lIbvfCAY6ygpXWQ4wSKBv4mUdzG/hSSBbhAEDarkzyat9zpOohXk2E8pMzZX0p
3yA0CT07vk5ilHEN3RHozA5ODGXhNznKyVPUVroiyn+VWluLiCe/iOFCZNsg9zcv
qBj/gX8ek5xNDvu5sSPrUHmVl6OTbEaaIQjWIPJ8E8MYd/pHSGf+Mi1rmzwOhi2/
kPMoTc2mq6RCAMFlT/tSQL4e6FAAp0NiC3ao+CbvRiN5bSbNeev6FPtINLgYA6t9
iyR6vVWUk5ATgBspF5i+6cBl3OECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/UgZ7
dJRWbYS7VFtTfhWGvlqlBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3SpCxt9v3z50nJkxhR5mI95vLzOteiCoEeSTX
LCeCUTIEI6AtjjTCJbKNhYkjFsI6rC3xRo0Zb+bdP4S7PM9Lu/3+cwsS73qy8W3c
Ufcp83XAJxZZ4QOdFoR68gyrhIWNYnsFNJ6z7hPB1HZj6OZuIEUttLaCy/4UP/a4
re8M+GgJWIp6w47V5e8UmVF0xhmG65QTBoHJj/k/6BvPW1BDWef4UCvPT48Go+pB
XknULMyQ2A2xr72yoCNoxzgt/2scdSmMiRsjsOTl9AEtV4MtDJwM6/6KsrkQa50I
dvqbBvKUhVmuP7e3h27ASoOnyX/59h7MFJUYjlMM+2PFeFAp
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:39 2025 by rpki-client